Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_119ba3f0a37d014bd55b79498ffd755c.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_119ba3f0a37d014bd55b79498ffd755c.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_119ba3f0a37d014bd55b79498ffd755c
Size: 261KB
MD5: 119ba3f0a37d014bd55b79498ffd755c
SHA1: 9fc55a22cf39afa240689eb0242bdbc37ef0286a
SHA256: a01f9ccc62411d3c29b7856174212f0a9cd909e13372c1614d1e62f6354a8822
SHA512: 090554b42ed3c68254e75c7aa71339130fc2720df81d6ac1aad8e82d2c918dd18bd1fc6d5c66418b6d6190b8b5974c64626caef22e46185ee31865b97c263c42
SSDEEP: 6144:608n1pZ51ZDbYERBO1hebgc0n89fR0LIUr/V3Sh8gCFS8cJ:6PfXzXbf0q+ImE8gCDs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_119ba3f0a37d014bd55b79498ffd755c
Files
JaffaCakes118_119ba3f0a37d014bd55b79498ffd755c.exe windows:4 windows x86 arch:x86
f9c9038d0f3348493fe407df18a6cd50
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CopyMetaFileA
AbortDoc
SaveDC
GetWindowOrgEx
SetWindowExtEx
SetTextJustification
GetClipRgn
RealizePalette
PtVisible
PolyDraw
StartDocA
CreateFontA
PolylineTo
CreateCompatibleBitmap
GetObjectA
GetStockObject
EnumFontFamiliesExA
ExtCreatePen
PatBlt
BitBlt
PolyBezierTo
ScaleViewportExtEx
SelectObject
GetROP2
OffsetClipRgn
CreateCompatibleDC
LPtoDP
CreateMetaFileA
ArcTo
ExtTextOutA
GetTextColor
SelectClipRgn
OffsetWindowOrgEx
CreatePatternBrush
CreateFontIndirectA
GetPaletteEntries
OffsetRgn
SetViewportOrgEx
CombineRgn
EnumMetaFile
SetBkMode
GetMapMode
DeleteMetaFile
LineTo
GetViewportExtEx
UnrealizeObject
DPtoLP
StretchDIBits
GetPixel
CreateBitmap
Rectangle
ScaleWindowExtEx
SetMapperFlags
EndPage
PlayMetaFileRecord
GetCurrentPositionEx
GetPolyFillMode
RectVisible
ExcludeClipRect
CloseMetaFile
RestoreDC
GetStretchBltMode
SetBrushOrgEx
GetTextMetricsA
EndDoc
SetTextCharacterExtra
MoveToEx
GetBkColor
GetTextFaceA
CreatePen
PlayMetaFile
CreatePalette
SetBkColor
SetStretchBltMode
CreateDCA
OffsetViewportOrgEx
CreateRectRgn
CreateDIBPatternBrushPt
GetClipBox
CreateRectRgnIndirect
DeleteDC
StartPage
EnumFontFamiliesA
SetPolyFillMode
GetTextExtentPoint32A
SelectClipPath
SetAbortProc
SetTextColor
CreateSolidBrush
GetBkMode
SetTextAlign
SelectPalette
ExtSelectClipRgn
GetNearestColor
SetRectRgn
GetCharWidthA
DeleteObject
GetWindowExtEx
SetColorAdjustment
SetROP2
SetArcDirection
SetMapMode
GetTextAlign
GetObjectType
GetDeviceCaps
SetViewportExtEx
Escape
IntersectClipRect
SetWindowOrgEx
CreateHatchBrush
TextOutA
GetViewportOrgEx
msvcrt
_initterm
_mbslwr
_mbspbrk
malloc
modf
fseek
realloc
wcslen
fabs
_fdopen
memcmp
_ismbcspace
__CxxFrameHandler
_mbsspn
wcscpy
_ismbcdigit
_splitpath
_itoa
gmtime
strcmp
_expand
wcsncpy
_fullpath
sprintf
fgets
free
_mbsrev
_mbschr
_strdup
_ultoa
atoi
_mbscspn
floor
_purecall
strftime
_get_osfhandle
calloc
clearerr
vsprintf
abort
__dllonexit
_CxxThrowException
?terminate@@YAXXZ
_open_osfhandle
labs
_mbsrchr
_mbsstr
mktime
memcpy
__doserrno
_mbsnbicmp
_beginthreadex
strtol
_mbscmp
strtod
localtime
_ltoa
_mbsupr
strcpy
fflush
_mbclen
abs
_endthreadex
_mbsnbcmp
fwrite
_msize
_mbsdec
strtoul
memmove
_mbsinc
fputs
fclose
ceil
ftell
_onexit
time
atol
_mbctype
swprintf
memset
fread
strlen
user32
SetDlgItemTextA
LoadCursorA
LoadMenuA
InflateRect
UnregisterClassA
SendDlgItemMessageA
TranslateMDISysAccel
SetPropA
CreateWindowExA
ScrollWindowEx
GrayStringA
DrawMenuBar
WindowFromDC
GetScrollRange
GetFocus
SetDlgItemInt
InSendMessage
GetClassLongA
InvertRect
TranslateMessage
PostMessageA
EndDeferWindowPos
CopyRect
InvalidateRect
FillRect
IntersectRect
GetDialogBaseUnits
GetLastActivePopup
SetWindowsHookExA
EnableMenuItem
SetRectEmpty
GetClientRect
CountClipboardFormats
DefMDIChildProcA
SetWindowPos
InvalidateRgn
ScreenToClient
GetAsyncKeyState
IsWindowVisible
CheckMenuItem
IsClipboardFormatAvailable
ModifyMenuA
SetWindowPlacement
IsIconic
WinHelpA
CallNextHookEx
GetClassInfoA
WaitMessage
GetCapture
EnumChildWindows
BeginDeferWindowPos
GetWindowPlacement
TranslateAcceleratorA
GetSystemMenu
AdjustWindowRectEx
GetForegroundWindow
SetTimer
ShowWindow
TabbedTextOutA
FindWindowA
UnhookWindowsHookEx
LoadIconA
ShowOwnedPopups
SetForegroundWindow
GetMessagePos
CreateMenu
GetWindowTextLengthA
SetRect
GetMessageA
RemovePropA
GetWindowDC
CopyAcceleratorTableA
MoveWindow
GetTabbedTextExtentA
FrameRect
GetMenuItemID
KillTimer
MapWindowPoints
GetPropA
IsZoomed
GetDlgItemInt
IsDlgButtonChecked
SetActiveWindow
SetFocus
PostThreadMessageA
CharToOemA
CallWindowProcA
UnpackDDElParam
LoadStringA
GetMenuState
SetMenuItemBitmaps
DestroyMenu
TrackPopupMenu
PostQuitMessage
GetMenuStringA
GetSubMenu
DeleteMenu
wvsprintfA
GetMessageTime
GetScrollPos
DrawEdge
PtInRect
LoadAcceleratorsA
GetWindow
ScrollWindow
SetWindowTextA
BeginPaint
BringWindowToTop
UnionRect
PeekMessageA
GetKeyState
GetActiveWindow
SetScrollPos
MapDialogRect
SendMessageA
OffsetRect
IsChild
InsertMenuA
WindowFromPoint
DispatchMessageA
EndDialog
MsgWaitForMultipleObjects
GetDlgItemTextA
GetNextDlgTabItem
ClientToScreen
SetWindowLongA
GetMenuCheckMarkDimensions
DeferWindowPos
GetSystemMetrics
GetScrollInfo
ShowScrollBar
GetWindowTextA
DestroyWindow
SystemParametersInfoA
GetParent
EndPaint
GetCursorPos
UpdateWindow
CharNextA
EnableWindow
GetDesktopWindow
CheckDlgButton
DestroyCursor
SetScrollRange
DefFrameProcA
GetTopWindow
DefWindowProcA
MessageBeep
GetWindowThreadProcessId
GetDlgCtrlID
ReleaseCapture
SetMenu
EqualRect
GetDC
RegisterClipboardFormatA
CreateDialogIndirectParamA
GetDlgItem
LockWindowUpdate
wsprintfA
GetWindowRect
CheckRadioButton
OemToCharA
ValidateRect
CharUpperA
RegisterClassA
RedrawWindow
IsRectEmpty
SetWindowContextHelpId
ReleaseDC
SetScrollInfo
ReuseDDElParam
DrawTextA
GetWindowLongA
SetCapture
GetSysColorBrush
GetSysColor
SetCursor
LoadBitmapA
ClipCursor
GetMenu
MessageBoxA
GetNextDlgGroupItem
SetParent
DrawFocusRect
IsWindow
GetDCEx
RegisterWindowMessageA
DestroyIcon
GetClassNameA
IsDialogMessageA
IsWindowEnabled
AppendMenuA
SetCursorPos
GetMenuItemCount
RemoveMenu
kernel32
GetPrivateProfileStringA
GetFullPathNameA
lstrcmpA
GetProcessVersion
FindClose
GlobalFree
CreateFileA
ReleaseSemaphore
GlobalFindAtomA
LocalFileTimeToFileTime
CreateSemaphoreA
lstrcpyW
TlsSetValue
FindResourceExA
LockResource
SuspendThread
SetThreadPriority
SetFileTime
WaitForSingleObject
ReleaseMutex
SetFilePointer
DeleteCriticalSection
LocalAlloc
GetTempPathA
CreateEventA
LocalFree
FindFirstFileA
GetOEMCP
WaitForMultipleObjects
SystemTimeToFileTime
GetShortPathNameA
IsBadStringPtrW
SearchPathA
GetCurrentDirectoryA
LockFile
LeaveCriticalSection
LocalLock
RaiseException
GlobalLock
GlobalGetAtomNameA
SizeofResource
CopyFileA
CreateMutexA
DuplicateHandle
SetEndOfFile
GetFileTime
FlushFileBuffers
WritePrivateProfileStringA
WideCharToMultiByte
MoveFileA
ReadFile
GlobalFlags
GetPrivateProfileIntA
TlsAlloc
GlobalReAlloc
lstrcpynA
GlobalDeleteAtom
GetCurrentThreadId
FormatMessageA
lstrcatA
CloseHandle
FileTimeToSystemTime
ResumeThread
GlobalAlloc
GetProfileIntA
LoadResource
GetStringTypeExA
VirtualProtect
MulDiv
IsBadStringPtrA
lstrcmpiA
OutputDebugStringA
GetSystemDirectoryA
LocalUnlock
lstrcpyA
FreeLibrary
UnlockFile
SetFileAttributesA
TlsGetValue
DeleteFileA
GetModuleHandleA
SetErrorMode
GlobalUnlock
GetVolumeInformationA
WriteFile
GetThreadLocale
FindResourceA
FindNextFileA
GetFileSize
GlobalHandle
LocalReAlloc
GlobalAddAtomA
GetTempFileNameA
IsDBCSLeadByte
EnterCriticalSection
TlsFree
SetLastError
lstrlenA
lstrlenW
GetDiskFreeSpaceA
GetUserDefaultLCID
GlobalSize
IsValidCodePage
VirtualAlloc
advapi32
GetSidSubAuthority
RegEnumKeyExA
LsaOpenPolicy
DeregisterEventSource
SystemFunction031
LsaSetInformationPolicy
SystemFunction040
FreeEncryptedFileKeyInfo
CryptGetDefaultProviderW
AccessCheckAndAuditAlarmA
RegSetValueA
IsTextUnicode
AddAuditAccessAce
StartServiceA
SetPrivateObjectSecurity
DuplicateEncryptionInfoFile
IsTokenUntrusted
SystemFunction022
LsaDeleteTrustedDomain
InitiateSystemShutdownA
RegConnectRegistryA
CryptSetProviderW
ObjectPrivilegeAuditAlarmA
CopySid
SetEntriesInAuditListW
RegDeleteValueA
WmiQuerySingleInstanceMultipleA
SystemFunction003
GetAclInformation
AddAccessDeniedAceEx
SystemFunction015
StartServiceCtrlDispatcherA
CredGetSessionTypes
SetSecurityDescriptorControl
GetSidLengthRequired
AllocateAndInitializeSid
UnregisterIdleTask
ElfNumberOfRecords
QueryServiceConfig2A
SystemFunction006
IsValidSecurityDescriptor
ElfChangeNotify
LsaFreeMemory
GetServiceDisplayNameA
RegQueryValueExW
CredEnumerateA
LsaGetUserName
AreAllAccessesGranted
SystemFunction002
WmiQuerySingleInstanceA
SetSecurityDescriptorGroup
StartServiceW
LookupPrivilegeNameW
MapGenericMask
MD5Final
CheckTokenMembership
ReportEventA
CredUnmarshalCredentialW
RegSetValueW
GetWindowsAccountDomainSid
CredUnmarshalCredentialA
AccessCheckByTypeResultListAndAuditAlarmA
GetSecurityDescriptorLength
TrusteeAccessToObjectA
WmiDevInstToInstanceNameW
ElfReportEventA
GetAuditedPermissionsFromAclW
sti
StiCreateInstanceW
DllCanUnloadNow
StiCreateInstance
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 219KB - Virtual size: 219KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.QrGWUaB Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ybWe Size: 512B - Virtual size: 249B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.hCrQD Size: 512B - Virtual size: 356B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.anQEmAb Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dzqbCp Size: 512B - Virtual size: 417B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.BmfNq Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 253KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vYpOH Size: 512B - Virtual size: 473B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.AeCZITt Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ